Adding debian version 5.29.2-2.debian/5.29.2-2debian

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

23 files changed, 1109 insertions, 0 deletions

diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..6f88c00
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,455 @@
+golang-github-containers-image (5.29.2-2) unstable; urgency=medium
+
+  * Upload to unstable
+
+ -- Reinhard Tartler <siretart@tauware.de>  Tue, 06 Feb 2024 19:06:53 -0500
+
+golang-github-containers-image (5.29.2-1) experimental; urgency=medium
+
+  * New upstream release
+
+ -- Reinhard Tartler <siretart@tauware.de>  Tue, 06 Feb 2024 06:57:15 -0500
+
+golang-github-containers-image (5.29.1-2) unstable; urgency=medium
+
+  * Upload to unstable
+
+ -- Reinhard Tartler <siretart@tauware.de>  Wed, 24 Jan 2024 21:26:41 -0500
+
+golang-github-containers-image (5.29.1-1) experimental; urgency=medium
+
+  * New upstream release
+
+ -- Reinhard Tartler <siretart@tauware.de>  Tue, 23 Jan 2024 18:52:02 -0500
+
+golang-github-containers-image (5.29.0-3) unstable; urgency=medium
+
+  * Upload to unstable
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sun, 21 Jan 2024 15:04:40 -0500
+
+golang-github-containers-image (5.29.0-2) experimental; urgency=medium
+
+  * enable image/signature/sigstore package
+
+ -- Reinhard Tartler <siretart@tauware.de>  Thu, 23 Nov 2023 14:50:58 +0000
+
+golang-github-containers-image (5.29.0-1) experimental; urgency=medium
+
+  * New upstream release
+  * simplify the avoid-rekor-patch further
+
+ -- Reinhard Tartler <siretart@tauware.de>  Wed, 22 Nov 2023 22:51:33 +0000
+
+golang-github-containers-image (5.28.0-4) unstable; urgency=medium
+
+  * Drop revert-x-exp-slices.patch, no longer needed, closes: #1055542
+    Fixes an FTBFS
+
+ -- Reinhard Tartler <siretart@tauware.de>  Wed, 08 Nov 2023 16:57:29 -0500
+
+golang-github-containers-image (5.28.0-3) unstable; urgency=medium
+
+  * build the containers/image/signature/sigstore package
+
+ -- Reinhard Tartler <siretart@tauware.de>  Fri, 27 Oct 2023 09:51:43 -0400
+
+golang-github-containers-image (5.28.0-2) unstable; urgency=medium
+
+  * Upload to unstable
+
+ -- Reinhard Tartler <siretart@tauware.de>  Fri, 27 Oct 2023 06:48:43 -0400
+
+golang-github-containers-image (5.28.0-1) experimental; urgency=medium
+
+  * New upstream release
+  * tighten dependency on containers/storage
+  * Refresh patches
+  * add dependency on golang-github-mattn-go-sqlite3-dev
+  * Revert upstream commit updating x-exp-slices
+
+ -- Reinhard Tartler <siretart@tauware.de>  Fri, 22 Sep 2023 11:51:55 -0400
+
+golang-github-containers-image (5.26.1-2) unstable; urgency=medium
+
+  * Upload to unstable
+
+ -- Reinhard Tartler <siretart@tauware.de>  Wed, 20 Sep 2023 08:30:09 -0400
+
+golang-github-containers-image (5.26.1-1) experimental; urgency=medium
+
+  * New upstream release
+  * debian/patches: drop support-ArgsEscaped-in-OCI-image-config.patch
+  * refresh patches
+  * debian/control: tighten dependency on containers/storage
+  * bump dependency on opencontainers/image-spec 1.10~rc4
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sat, 16 Sep 2023 17:57:48 -0400
+
+golang-github-containers-image (5.25.0-12) unstable; urgency=medium
+
+  * re-enable the pkg/cli package, unbreaks compilation of skopeo
+
+ -- Reinhard Tartler <siretart@tauware.de>  Tue, 12 Sep 2023 18:15:43 -0400
+
+golang-github-containers-image (5.25.0-11) unstable; urgency=medium
+
+  * backport: [PATCH] Fix TestOCI1IndexChooseInstanceByCompression on non-amd64
+
+ -- Reinhard Tartler <siretart@tauware.de>  Mon, 11 Sep 2023 20:11:16 -0400
+
+golang-github-containers-image (5.25.0-10) unstable; urgency=medium
+
+  * sigtore disablement: Exclude some more tests
+
+ -- Reinhard Tartler <siretart@tauware.de>  Mon, 11 Sep 2023 10:26:07 -0400
+
+golang-github-containers-image (5.25.0-9) unstable; urgency=medium
+
+  * upload to unstable
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sat, 09 Sep 2023 12:12:57 -0400
+
+golang-github-containers-image (5.25.0-8) experimental; urgency=medium
+
+  * work in experimental
+  * drop the vbauerster patch
+
+ -- Reinhard Tartler <siretart@tauware.de>  Mon, 04 Sep 2023 20:47:04 -0400
+
+golang-github-containers-image (5.25.0-7) experimental; urgency=medium
+
+  * sigstore workarounds require disabling signature_test.go
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sat, 02 Sep 2023 10:21:43 -0400
+
+golang-github-containers-image (5.25.0-6) experimental; urgency=medium
+
+  * Delete an additional sigstore reference
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sat, 02 Sep 2023 06:51:43 -0400
+
+golang-github-containers-image (5.25.0-5) experimental; urgency=medium
+
+  * Revert "also include testdata", fixes FTBFS
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sat, 02 Sep 2023 06:44:19 -0400
+
+golang-github-containers-image (5.25.0-4) experimental; urgency=medium
+
+  * Build against containers/libtrust instead of docker/libtrust
+  * Rework the sigstore patch: Disable rekor/fulcio specific dependencies
+  * Build depend on golang-github-theupdateframework-go-tuf-dev
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sun, 30 Jul 2023 10:12:35 -0400
+
+golang-github-containers-image (5.25.0-3) experimental; urgency=medium
+
+  * disable another sigstore reference
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sat, 29 Jul 2023 19:27:10 -0400
+
+golang-github-containers-image (5.25.0-2) experimental; urgency=medium
+
+  * Invert logic around buildtag logic for disabling sigstore to avoid
+    downstream packages having to set special buildtags
+  * patch alltransports.go to avoid dependency on openshift
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sat, 29 Jul 2023 18:16:29 -0400
+
+golang-github-containers-image (5.25.0-1) experimental; urgency=medium
+
+  * New upstream release
+  * Significantly expand the disable-cosign.patch
+  * Disable a couple of additional tests
+  * Revert to vbauerster/mbp version 7 (from 8)
+  * revise the libtrust patch until containers/libtrust comes out of NEW
+  * use GOFLAGS environment instead of passing on the commandline
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sat, 15 Jul 2023 07:16:52 -0400
+
+golang-github-containers-image (5.23.1+git20230116+3d22f4e96c53-1) experimental; urgency=medium
+
+  * New upstream snapshot
+    - referenced from podman/4.4.0+rc2
+  * Bump dependency on containers/storage >> 1.45
+
+ -- Reinhard Tartler <siretart@tauware.de>  Thu, 19 Jan 2023 03:44:35 -0500
+
+golang-github-containers-image (5.23.1-4) unstable; urgency=medium
+
+  * Team upload
+  * Add patch to recognize ArgsEscaped in OCI image config in tests
+
+ -- Shengjing Zhu <zhsj@debian.org>  Tue, 04 Apr 2023 00:45:57 +0800
+
+golang-github-containers-image (5.23.1-3) unstable; urgency=medium
+
+  * Upload to unstable
+
+ -- Reinhard Tartler <siretart@tauware.de>  Thu, 24 Nov 2022 08:46:02 -0500
+
+golang-github-containers-image (5.23.1-2) experimental; urgency=medium
+
+  * Avoid golang-gcc, miscompiles on rivo/uniseg
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sat, 12 Nov 2022 16:05:45 -0500
+
+golang-github-containers-image (5.23.1-1) experimental; urgency=medium
+
+  * New upstream version
+
+ -- Reinhard Tartler <siretart@tauware.de>  Fri, 11 Nov 2022 20:04:17 -0500
+
+golang-github-containers-image (5.22.0-2) experimental; urgency=medium
+
+  * Build and install the 'sigstore' package
+
+ -- Reinhard Tartler <siretart@tauware.de>  Wed, 17 Aug 2022 10:16:29 +0200
+
+golang-github-containers-image (5.22.0-1) experimental; urgency=medium
+
+  * New upstream version
+  * refresh patches
+  * Bump standards version
+  * add disable-sigstore.patch: Code changes to disable image signing
+    functionality. Attempting to sign or verify images will fail with
+    an error until Debian ships with a copy of github.com/sigstore/sigstore
+
+ -- Reinhard Tartler <siretart@tauware.de>  Wed, 17 Aug 2022 09:45:11 +0200
+
+golang-github-containers-image (5.21.1-3) experimental; urgency=medium
+
+  * Tighten dependency on golang-github-opencontainers-image-spec-dev
+
+ -- Reinhard Tartler <siretart@tauware.de>  Wed, 18 May 2022 22:36:50 -0400
+
+golang-github-containers-image (5.21.1-2) experimental; urgency=medium
+
+  * revert upstream patch 7152f888b90d2f3cd7a633246ceba30f5cd49cc3
+  * refresh patches
+  * debian/copyright: update with 'cme update dpkg-copyright'
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sun, 15 May 2022 16:41:39 -0400
+
+golang-github-containers-image (5.21.1-1) experimental; urgency=medium
+
+  * New upstream version
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sun, 15 May 2022 07:18:12 -0400
+
+golang-github-containers-image (5.19.0-1) experimental; urgency=medium
+
+  * New upstream version
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sat, 05 Feb 2022 20:02:56 -0500
+
+golang-github-containers-image (5.17.0-1) experimental; urgency=medium
+
+  * New upstream version
+
+ -- Reinhard Tartler <siretart@tauware.de>  Tue, 11 Jan 2022 07:26:41 -0500
+
+golang-github-containers-image (5.16.0-3) unstable; urgency=medium
+
+  * Avoid autopkgtest failure
+
+ -- Reinhard Tartler <siretart@tauware.de>  Tue, 26 Oct 2021 13:09:20 -0400
+
+golang-github-containers-image (5.16.0-2) unstable; urgency=medium
+
+  * Upload to unstable
+
+ -- Reinhard Tartler <siretart@tauware.de>  Mon, 25 Oct 2021 17:18:26 -0400
+
+golang-github-containers-image (5.16.0-1) experimental; urgency=medium
+
+  * New upstream release
+    - tighten dependency on containers/storage
+  * manpage-fixups.patch: fix some nroff/whatis warnings to ensure proper
+    whatis/apropos parsing
+  * Bump standards version, no changes needed
+
+ -- Reinhard Tartler <siretart@tauware.de>  Wed, 06 Oct 2021 15:45:59 -0400
+
+golang-github-containers-image (5.15.2-2) unstable; urgency=medium
+
+  * bump dependency on golang-github-vbauerster-mpb-dev
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sat, 28 Aug 2021 23:13:18 +0200
+
+golang-github-containers-image (5.15.2-1) unstable; urgency=medium
+
+  * New upstream version, closes: #992141
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sat, 28 Aug 2021 17:47:45 +0200
+
+golang-github-containers-image (5.12.0-2) experimental; urgency=medium
+
+  * New upstream version
+  * Tighten build-depends on golang-github-containers-storage
+
+ -- Reinhard Tartler <siretart@tauware.de>  Fri, 04 Jun 2021 23:59:06 -0400
+
+golang-github-containers-image (5.11.1-1) experimental; urgency=medium
+
+  * New upstream version
+  * Bump dependency on golang-github-vbauerster-mpb-dev
+
+ -- Reinhard Tartler <siretart@tauware.de>  Fri, 28 May 2021 12:03:31 -0400
+
+golang-github-containers-image (5.10.5-2) experimental; urgency=medium
+
+  * New upstream version
+
+ -- Reinhard Tartler <siretart@tauware.de>  Fri, 02 Apr 2021 17:20:56 -0400
+
+golang-github-containers-image (5.10.3-1) unstable; urgency=medium
+
+  * New upstream version, focused bugfix release targetted for podman 3.0
+  * Tighten build-depends on golang-github-containers-storage
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sun, 21 Feb 2021 16:01:53 -0500
+
+golang-github-containers-image (5.10.1-1) unstable; urgency=medium
+
+  * New upstream version 5.10.1
+  * Upload to unstable
+
+ -- Reinhard Tartler <siretart@tauware.de>  Tue, 02 Feb 2021 08:53:20 -0500
+
+golang-github-containers-image (5.9.0-1) experimental; urgency=medium
+
+  * New upstream version 5.9.0
+
+ -- Reinhard Tartler <siretart@tauware.de>  Mon, 14 Dec 2020 07:31:16 -0500
+
+golang-github-containers-image (5.8.1-3) unstable; urgency=medium
+
+  * upload to unstable
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sat, 05 Dec 2020 14:11:31 -0500
+
+golang-github-containers-image (5.8.1-2) experimental; urgency=medium
+
+  * Bump Standards-Version
+  * add explicit dependency on golang-github-moby-sys-dev, Closes: #976217
+  * Introduce extra package for documentation and configuration files
+
+ -- Reinhard Tartler <siretart@tauware.de>  Thu, 03 Dec 2020 08:52:23 -0500
+
+golang-github-containers-image (5.8.1-1) unstable; urgency=medium
+
+  * No sources need to be excluded
+  * New upstream version 5.8.1
+  * tighten dependency on containers/storage
+
+ -- Reinhard Tartler <siretart@tauware.de>  Mon, 23 Nov 2020 17:11:43 -0500
+
+golang-github-containers-image (5.6.0+dfsg1-1) unstable; urgency=medium
+
+  * debian/copyright: update using cme update dpkg-copyright
+  * debian/watch: add repacksuffix
+  * New upstream version 5.6.0
+  * Tighten build-depends on containers/storage
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sun, 22 Nov 2020 10:15:36 -0500
+
+golang-github-containers-image (5.5.2-1) unstable; urgency=medium
+
+  [ Debian Janitor ]
+  * Update renamed lintian tag names in lintian overrides.
+  * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
+    Repository-Browse.
+
+  [ Reinhard Tartler ]
+  * New upstream version 5.5.2
+  * docker-libtrust: add patch documentation
+  * Update: Lintian overrides
+  * Bump standards version, no changes needed
+
+ -- Reinhard Tartler <siretart@tauware.de>  Thu, 10 Sep 2020 07:42:57 -0400
+
+golang-github-containers-image (5.5.1-3) unstable; urgency=medium
+
+  * Upload to unstable
+
+ -- Reinhard Tartler <siretart@tauware.de>  Mon, 20 Jul 2020 07:15:32 -0400
+
+golang-github-containers-image (5.5.1-2) experimental; urgency=medium
+
+  * Tighten dependency on golang-github-vbauerster-mpb-dev
+
+ -- Reinhard Tartler <siretart@tauware.de>  Fri, 10 Jul 2020 19:50:38 -0400
+
+golang-github-containers-image (5.5.1-1) experimental; urgency=medium
+
+  * New upstream version: 5.5.1
+  * Tighten some dependencies
+
+ -- Reinhard Tartler <siretart@tauware.de>  Fri, 10 Jul 2020 08:29:09 -0400
+
+golang-github-containers-image (5.4.3-1) experimental; urgency=medium
+
+  * New upstream version 5.4.3
+  * Refresh patches
+
+ -- Reinhard Tartler <siretart@tauware.de>  Mon, 20 Apr 2020 07:33:15 -0400
+
+golang-github-containers-image (5.0.0-2) unstable; urgency=medium
+
+  * New upstream release.
+  * "golang-github-coreos-bbolt-dev (>= 1.3.3~)" (Closes: #947486).
+  * Install example "registries.conf".
+  * DH to version 12.
+  * Upload to unstable.
+
+ -- Dmitry Smirnov <onlyjob@debian.org>  Fri, 03 Jan 2020 06:50:03 +1100
+
+golang-github-containers-image (4.0.1-3) unstable; urgency=medium
+
+  * Removed "golang-github-docker-distribution-dev" from (Build-)Depends.
+
+ -- Dmitry Smirnov <onlyjob@debian.org>  Sun, 01 Dec 2019 04:14:01 +1100
+
+golang-github-containers-image (4.0.1-2) unstable; urgency=medium
+
+  * Install docs.
+  * Enabled tests.
+  * Enabled ostree support.
+  * Standards-Version: 4.4.1.
+  * Added myself to Uploaders.
+  * (Build-)Depends:
+    + golang-github-ostreedev-ostree-go-dev
+
+ -- Dmitry Smirnov <onlyjob@debian.org>  Mon, 11 Nov 2019 13:18:15 +1100
+
+golang-github-containers-image (4.0.1-1) unstable; urgency=medium
+
+  * New upstream version 4.0.1
+  * refresh patches
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sun, 20 Oct 2019 08:31:31 -0400
+
+golang-github-containers-image (3.0.2-2) unstable; urgency=medium
+
+  * Upload to unstable
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sat, 19 Oct 2019 21:55:07 -0400
+
+golang-github-containers-image (3.0.2-1) experimental; urgency=medium
+
+  [ Reinhard Tartler ]
+  * Initial release (Closes: #922842)
+  * backport storage options API
+
+  [ Dmitry Smirnov ]
+  * Clean-up "ostree-stub.patch" (better way to remove files than to un-patch them).
+  * (Build-)Depends: don't use transitional packages.
+
+  [ Reinhard Tartler ]
+  * New upstream version 3.0.2
+  * drop patches applied upstream
+  * add patch to built against golang-github-coreos-bolt-dev
+
+ -- Reinhard Tartler <siretart@tauware.de>  Tue, 01 Oct 2019 07:11:58 -0400
diff --git a/debian/clean b/debian/clean
new file mode 100644
index 0000000..3eb43ad
--- /dev/null
+++ b/debian/clean
@@ -0,0 +1,6 @@
+docs/*.5
+
+## tests accessing network:
+docker/docker_transport_test.go
+
+*/*/.gitignore
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..c228355
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,111 @@
+Source: golang-github-containers-image
+Section: devel
+Priority: optional
+Maintainer: Debian Go Packaging Team <team+pkg-go@tracker.debian.org>
+Uploaders: Reinhard Tartler <siretart@tauware.de>,
+           Dmitry Smirnov <onlyjob@debian.org>,
+Build-Depends: debhelper-compat (= 12),
+    dh-golang,
+    go-md2man,
+    golang-github-acarl005-stripansi-dev,
+    golang-github-burntsushi-toml-dev (>= 1.3.2),
+    golang-github-containers-libtrust-dev,
+    golang-github-containers-ocicrypt-dev (>= 1.1.9),
+    golang-github-containers-storage-dev (>= 1.51),
+    golang-github-coreos-bbolt-dev (>= 1.3.3~),
+    golang-github-otiai10-copy-dev,
+    golang-github-docker-distribution-dev,
+    golang-github-docker-docker-credential-helpers-dev,
+    golang-github-docker-docker-dev,
+    golang-github-docker-go-connections-dev,
+    golang-github-fullsailor-pkcs7-dev,
+    golang-github-ghodss-yaml-dev,
+    golang-github-imdario-mergo-dev,
+    golang-github-klauspost-pgzip-dev,
+    golang-github-manifoldco-promptui-dev,
+    golang-github-mattn-go-sqlite3-dev,
+    golang-github-moby-sys-dev,
+    golang-github-opencontainers-go-digest-dev,
+    golang-github-opencontainers-image-spec-dev (>= 1.1.0~rc5~),
+    golang-github-opencontainers-selinux-dev (>= 1.11),
+    golang-github-ostreedev-ostree-go-dev,
+    golang-github-pkg-errors-dev,
+    golang-github-pquerna-ffjson-dev,
+    golang-github-proglottis-gpgme-dev,
+    golang-github-secure-systems-lab-go-securesystemslib-dev,
+    golang-github-sigstore-sigstore-dev,
+    golang-github-sirupsen-logrus-dev,
+    golang-github-stretchr-testify-dev,
+    golang-github-sylabs-sif-dev (>> 2.3.1),
+    golang-github-ulikunitz-xz-dev,
+    golang-github-vbatts-tar-split-dev,
+    golang-github-vbauerster-mpb-dev (>= 8),
+    golang-github-xeipuuv-gojsonschema-dev,
+    golang-go,
+    golang-golang-x-crypto-dev,
+    golang-golang-x-exp-dev (>= 0.0~git20230522.2e198f4-1~),
+    golang-golang-x-net-dev,
+    golang-golang-x-sync-dev,
+    golang-gopkg-cheggaaa-pb.v1-dev,
+    libbtrfs-dev,
+    libdevmapper-dev,
+Standards-Version: 4.6.1
+Homepage: https://github.com/containers/image
+Vcs-Browser: https://salsa.debian.org/go-team/packages/golang-github-containers-image
+Vcs-Git: https://salsa.debian.org/go-team/packages/golang-github-containers-image.git
+XS-Go-Import-Path: github.com/containers/image
+Testsuite: autopkgtest-pkg-go
+
+Package: golang-github-containers-image
+Architecture: all
+Depends: ${misc:Depends}
+Replaces: buildah (<< 1.17.1+dfsg1-2)
+Description: Configuration files and manpages for github.com/containers repositories
+ This package contains documentation and configuration files for use by
+ other container projects.
+
+Package: golang-github-containers-image-dev
+Architecture: all
+Depends: ${misc:Depends},
+    golang-github-acarl005-stripansi-dev,
+    golang-github-burntsushi-toml-dev (>= 1.3.2),
+    golang-github-containers-libtrust-dev,
+    golang-github-containers-ocicrypt-dev (>= 1.1.9),
+    golang-github-containers-storage-dev (>= 1.51),
+    golang-github-coreos-bbolt-dev (>= 1.3.3~),
+    golang-github-docker-distribution-dev,
+    golang-github-docker-docker-credential-helpers-dev,
+    golang-github-docker-docker-dev,
+    golang-github-docker-go-connections-dev,
+    golang-github-ghodss-yaml-dev,
+    golang-github-imdario-mergo-dev,
+    golang-github-klauspost-pgzip-dev,
+    golang-github-manifoldco-promptui-dev,
+    golang-github-mattn-go-sqlite3-dev,
+    golang-github-moby-sys-dev,
+    golang-github-opencontainers-go-digest-dev,
+    golang-github-opencontainers-image-spec-dev (>= 1.1.0~rc5),
+    golang-github-opencontainers-selinux-dev (>= 1.11),
+    golang-github-ostreedev-ostree-go-dev,
+    golang-github-pkg-errors-dev,
+    golang-github-proglottis-gpgme-dev,
+    golang-github-secure-systems-lab-go-securesystemslib-dev (>> 0.7),
+    golang-github-sigstore-sigstore-dev,
+    golang-github-sirupsen-logrus-dev,
+    golang-github-stretchr-testify-dev,
+    golang-github-sylabs-sif-dev (>> 2.3.1),
+    golang-github-theupdateframework-go-tuf-dev,
+    golang-github-ulikunitz-xz-dev,
+    golang-github-vbatts-tar-split-dev,
+    golang-github-vbauerster-mpb-dev (>= 8),
+    golang-github-xeipuuv-gojsonschema-dev,
+    golang-golang-x-crypto-dev,
+    golang-golang-x-exp-dev (>= 0.0~git20230522.2e198f4-1~),
+    golang-golang-x-net-dev,
+    golang-golang-x-sync-dev,
+    golang-gopkg-cheggaaa-pb.v1-dev,
+Description: golang library to work with containers' images
+ This library aims at working in various way with containers' images and
+ container image registries and allows an application to pull and push
+ images from container image registries, like the upstream docker
+ registry. It also implements "simple image signing".
diff --git a/debian/copyright b/debian/copyright
new file mode 100644
index 0000000..df40a32
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,51 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: image
+Source: https://github.com/containers/image
+
+Files: *
+Copyright: 2016-2019
+           Antonio Murdaca <runcom@redhat.com>
+           Brandon Philips <brandon.philips@coreos.com>
+           Miloslav Trmac <mitr@redhat.com>
+           Dan Walsh <dwalsh@redhat.com>
+           Nalin Dahyabhai <nalin@redhat.com>
+License: Apache-2.0
+
+Files: CONTRIBUTING.md
+Copyright: 2004, 2006, The Linux Foundation and its contributors.
+License: Apache-2.0
+
+Files: debian/*
+Copyright: 2019, Reinhard Tartler <siretart@tauware.de>
+License: Apache-2.0
+Comment: Debian packaging is licensed under the same terms as upstream
+
+Files: docker/distribution_error.go
+  docker/distribution_error_test.go
+Copyright: 2022, github.com/distribution/distribution authors.
+License: Apache-2.0
+
+Files: internal/pkg/platform/platform_matcher.go
+Copyright: The containerd Authors.
+ 2012-2017, Docker, Inc.
+License: Apache-2.0
+
+Files: signature/sigstore/copied.go
+Copyright: 2021, The Sigstore Authors.
+License: Apache-2.0
+
+License: Apache-2.0
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ .
+ http://www.apache.org/licenses/LICENSE-2.0
+ .
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ .
+ On Debian systems, the complete text of the Apache version 2.0 license
+ can be found in "/usr/share/common-licenses/Apache-2.0".
diff --git a/debian/docs b/debian/docs
new file mode 100644
index 0000000..2e117bf
--- /dev/null
+++ b/debian/docs
@@ -0,0 +1 @@
+docs/*.md
diff --git a/debian/examples b/debian/examples
new file mode 100644
index 0000000..9af4f69
--- /dev/null
+++ b/debian/examples
@@ -0,0 +1 @@
+registries.conf
diff --git a/debian/gbp.conf b/debian/gbp.conf
new file mode 100644
index 0000000..2aef31b
--- /dev/null
+++ b/debian/gbp.conf
@@ -0,0 +1,4 @@
+[DEFAULT]
+debian-branch = debian/experimental
+upstream-branch = upstream
+upstream-vcs-tag = v%(version%~%-)s
diff --git a/debian/gitlab-ci.yml b/debian/gitlab-ci.yml
new file mode 100644
index 0000000..594e14e
--- /dev/null
+++ b/debian/gitlab-ci.yml
@@ -0,0 +1,6 @@
+# auto-generated, DO NOT MODIFY.
+# The authoritative copy of this file lives at:
+# https://salsa.debian.org/go-team/infra/pkg-go-tools/blob/master/config/gitlabciyml.go
+---
+include:
+  - https://salsa.debian.org/go-team/infra/pkg-go-tools/-/raw/master/pipeline/test-archive.yml
diff --git a/debian/golang-github-containers-image-dev.install b/debian/golang-github-containers-image-dev.install
new file mode 100644
index 0000000..a3da66d
--- /dev/null
+++ b/debian/golang-github-containers-image-dev.install
@@ -0,0 +1 @@
+usr/share/gocode
diff --git a/debian/golang-github-containers-image.docs b/debian/golang-github-containers-image.docs
new file mode 100644
index 0000000..b43bf86
--- /dev/null
+++ b/debian/golang-github-containers-image.docs
@@ -0,0 +1 @@
+README.md
diff --git a/debian/golang-github-containers-image.install b/debian/golang-github-containers-image.install
new file mode 100644
index 0000000..cb60c5c
--- /dev/null
+++ b/debian/golang-github-containers-image.install
@@ -0,0 +1 @@
+registries.conf /etc/containers
diff --git a/debian/license-reconcile.yml b/debian/license-reconcile.yml
new file mode 100644
index 0000000..b605457
--- /dev/null
+++ b/debian/license-reconcile.yml
@@ -0,0 +1,12 @@
+Rules:
+  rules:
+    -
+      Glob: debian/*
+      License: Apache-2.0
+      Copyright: Reinhard Tartler <siretart@tauware.de>
+    -
+      Glob: signature/fixtures/*
+      License: Apache-2.0
+      Copyright: Miloslav Trmac <mitr@redhat.com>
+      Justification: Git history
+      
\ No newline at end of file
diff --git a/debian/patches/avoid-openshift.patch b/debian/patches/avoid-openshift.patch
new file mode 100644
index 0000000..3a6ddc0
--- /dev/null
+++ b/debian/patches/avoid-openshift.patch
@@ -0,0 +1,13 @@
+Index: golang-github-containers-image/transports/alltransports/alltransports.go
+===================================================================
+--- golang-github-containers-image.orig/transports/alltransports/alltransports.go
++++ golang-github-containers-image/transports/alltransports/alltransports.go
+@@ -15,7 +15,7 @@ import (
+ 	_ "github.com/containers/image/v5/docker/archive"
+ 	_ "github.com/containers/image/v5/oci/archive"
+ 	_ "github.com/containers/image/v5/oci/layout"
+-	_ "github.com/containers/image/v5/openshift"
++	// _ "github.com/containers/image/v5/openshift"
+ 	_ "github.com/containers/image/v5/sif"
+ 	_ "github.com/containers/image/v5/tarball"
+ 	// The docker-daemon transport is registeredy by docker_daemon*.go
diff --git a/debian/patches/avoid-rekor-fulcio.patch b/debian/patches/avoid-rekor-fulcio.patch
new file mode 100644
index 0000000..9027005
--- /dev/null
+++ b/debian/patches/avoid-rekor-fulcio.patch
@@ -0,0 +1,219 @@
+Author: Reinhard Tartler <siretart@gmail.com>
+Date:   Thu Nov 9 16:10:26 2023 +0000
+Description: Add buildtags to avoid fulcio and rekor dependencies
+Forwarded: https://github.com/containers/image/pull/2180
+
+    For situations where Fulcio and Rekor operations are not required,
+    this commit provides buildtags to avoid those dependencies.
+
+    Signed-off-by: Reinhard Tartler <siretart@gmail.com>
+
+NB: This patch is modified to always use the stubs, so that dependent packages
+are not required to carry along these tags
+
+diff --git a/signature/fulcio_cert.go b/signature/fulcio_cert.go
+index ef5d3df6..c11fa46a 100644
+--- a/signature/fulcio_cert.go
++++ b/signature/fulcio_cert.go
+@@ -1,3 +1,6 @@
++//go:build debian_fulcio_disabled
++// +build debian_fulcio_disabled
++
+ package signature
+
+ import (
+diff --git a/signature/fulcio_cert_stub.go b/signature/fulcio_cert_stub.go
+new file mode 100644
+index 00000000..ee79b031
+--- /dev/null
++++ b/signature/fulcio_cert_stub.go
+@@ -0,0 +1,28 @@
++//go:build !debian_fulcio_disabled
++// +build !debian_fulcio_disabled
++
++package signature
++
++import (
++	"crypto"
++	"crypto/ecdsa"
++	"crypto/x509"
++	"errors"
++)
++
++type fulcioTrustRoot struct {
++	caCertificates *x509.CertPool
++	oidcIssuer     string
++	subjectEmail   string
++}
++
++func (f *fulcioTrustRoot) validate() error {
++	return errors.New("fulcio disabled at compile-time")
++}
++
++func verifyRekorFulcio(rekorPublicKey *ecdsa.PublicKey, fulcioTrustRoot *fulcioTrustRoot, untrustedRekorSET []byte,
++	untrustedCertificateBytes []byte, untrustedIntermediateChainBytes []byte, untrustedBase64Signature string,
++	untrustedPayloadBytes []byte) (crypto.PublicKey, error) {
++	return nil, errors.New("fulcio diabled at compile-time")
++
++}
+diff --git a/signature/fulcio_cert_test.go b/signature/fulcio_cert_test.go
+index e283ae45..ccf619f4 100644
+--- a/signature/fulcio_cert_test.go
++++ b/signature/fulcio_cert_test.go
+@@ -1,3 +1,6 @@
++//go:build debian_fulcio_disabled
++// +build debian_fulcio_disabled
++
+ package signature
+
+ import (
+diff --git a/signature/internal/rekor_set.go b/signature/internal/rekor_set.go
+index d439b5f7..d86e98a4 100644
+--- a/signature/internal/rekor_set.go
++++ b/signature/internal/rekor_set.go
+@@ -1,3 +1,6 @@
++//go:build debian_rekor_disabled
++// +build debian_rekor_disabled
++
+ package internal
+
+ import (
+diff --git a/signature/internal/rekor_set_stub.go b/signature/internal/rekor_set_stub.go
+new file mode 100644
+index 00000000..7c121cc2
+--- /dev/null
++++ b/signature/internal/rekor_set_stub.go
+@@ -0,0 +1,15 @@
++//go:build !debian_rekor_disabled
++// +build !debian_rekor_disabled
++
++package internal
++
++import (
++	"crypto/ecdsa"
++	"time"
++)
++
++// VerifyRekorSET verifies that unverifiedRekorSET is correctly signed by publicKey and matches the rest of the data.
++// Returns bundle upload time on success.
++func VerifyRekorSET(publicKey *ecdsa.PublicKey, unverifiedRekorSET []byte, unverifiedKeyOrCertBytes []byte, unverifiedBase64Signature string, unverifiedPayloadBytes []byte) (time.Time, error) {
++	return time.Time{}, NewInvalidSignatureError("rekor disabled at compile-time")
++}
+diff --git a/signature/internal/rekor_set_test.go b/signature/internal/rekor_set_test.go
+index 0cc8483d..0040b7b4 100644
+--- a/signature/internal/rekor_set_test.go
++++ b/signature/internal/rekor_set_test.go
+@@ -1,3 +1,6 @@
++//go:build debian_rekor_disabled
++// +build debian_rekor_disabled
++
+ package internal
+
+ import (
+diff --git a/signature/policy_eval_sigstore_test.go b/signature/policy_eval_sigstore_test.go
+index f4dd1136..b4600712 100644
+--- a/signature/policy_eval_sigstore_test.go
++++ b/signature/policy_eval_sigstore_test.go
+@@ -1,3 +1,6 @@
++//go:build debian_fulcio_disabled
++// +build debian_fulcio_disabled
++
+ // Policy evaluation for prCosignSigned.
+
+ package signature
+diff --git a/signature/sigstore/fulcio/fulcio.go b/signature/sigstore/fulcio/fulcio.go
+index 0e6746ab..4ba98b98 100644
+--- a/signature/sigstore/fulcio/fulcio.go
++++ b/signature/sigstore/fulcio/fulcio.go
+@@ -1,3 +1,6 @@
++//go:build debian_fulcio_disabled
++// +build debian_fulcio_disabled
++
+ package fulcio
+
+ import (
+diff --git a/signature/sigstore/fulcio/fulcio_stub.go b/signature/sigstore/fulcio/fulcio_stub.go
+new file mode 100644
+index 00000000..4f4d435c
+--- /dev/null
++++ b/signature/sigstore/fulcio/fulcio_stub.go
+@@ -0,0 +1,45 @@
++//go:build !debian_fulcio_disabled
++// +build !debian_fulcio_disabled
++
++package fulcio
++
++import (
++	"fmt"
++	"io"
++	"net/url"
++
++	"github.com/containers/image/v5/signature/sigstore/internal"
++)
++
++func WithFulcioAndPreexistingOIDCIDToken(fulcioURL *url.URL, oidcIDToken string) internal.Option {
++	return func(s *internal.SigstoreSigner) error {
++		return fmt.Errorf("fulcio disabled at compile time")
++	}
++}
++
++// WithFulcioAndDeviceAuthorizationGrantOIDC sets up signing to use a short-lived key and a Fulcio-issued certificate
++// based on an OIDC ID token obtained using a device authorization grant (RFC 8628).
++//
++// interactiveOutput must be directly accessible to a human user in real time (i.e. not be just a log file).
++func WithFulcioAndDeviceAuthorizationGrantOIDC(fulcioURL *url.URL, oidcIssuerURL *url.URL, oidcClientID, oidcClientSecret string,
++	interactiveOutput io.Writer) internal.Option {
++	return func(s *internal.SigstoreSigner) error {
++		return fmt.Errorf("fulcio disabled at compile time")
++	}
++}
++
++// WithFulcioAndInterativeOIDC sets up signing to use a short-lived key and a Fulcio-issued certificate
++// based on an interactively-obtained OIDC ID token.
++// The token is obtained
++//   - directly using a browser, listening on localhost, automatically opening a browser to the OIDC issuer,
++//     to be redirected on localhost. (I.e. the current environment must allow launching a browser that connect back to the current process;
++//     either or both may be impossible in a container or a remote VM).
++//   - or by instructing the user to manually open a browser, obtain the OIDC code, and interactively input it as text.
++//
++// interactiveInput and interactiveOutput must both be directly operable by a human user in real time (i.e. not be just a log file).
++func WithFulcioAndInteractiveOIDC(fulcioURL *url.URL, oidcIssuerURL *url.URL, oidcClientID, oidcClientSecret string,
++	interactiveInput io.Reader, interactiveOutput io.Writer) internal.Option {
++	return func(s *internal.SigstoreSigner) error {
++		return fmt.Errorf("fulcio disabled at compile time")
++	}
++}
+diff --git a/signature/sigstore/rekor/rekor.go b/signature/sigstore/rekor/rekor.go
+index 0236f0aa..f8ba6dc3 100644
+--- a/signature/sigstore/rekor/rekor.go
++++ b/signature/sigstore/rekor/rekor.go
+@@ -1,3 +1,6 @@
++//go:build debian_rekor_disabled
++// +build debian_rekor_disabled
++
+ package rekor
+
+ import (
+diff --git a/signature/sigstore/rekor/rekor_stub.go b/signature/sigstore/rekor/rekor_stub.go
+new file mode 100644
+index 00000000..d6192653
+--- /dev/null
++++ b/signature/sigstore/rekor/rekor_stub.go
+@@ -0,0 +1,17 @@
++//go:build !debian_rekor_disabled
++// +build !debian_rekor_disabled
++
++package rekor
++
++import (
++	"fmt"
++	"net/url"
++
++	signerInternal "github.com/containers/image/v5/signature/sigstore/internal"
++)
++
++func WithRekor(rekorURL *url.URL) signerInternal.Option {
++	return func(s *signerInternal.SigstoreSigner) error {
++		return fmt.Errorf("rekor disabled at build time")
++	}
++}
diff --git a/debian/patches/disable-gpgtest.patch b/debian/patches/disable-gpgtest.patch
new file mode 100644
index 0000000..c246080
--- /dev/null
+++ b/debian/patches/disable-gpgtest.patch
@@ -0,0 +1,10 @@
+Index: golang-github-containers-image/signature/simplesigning/signer_test.go
+===================================================================
+--- golang-github-containers-image.orig/signature/simplesigning/signer_test.go
++++ golang-github-containers-image/signature/simplesigning/signer_test.go
+@@ -1,3 +1,5 @@
++//go:build disable_gpg
++// +build disable_gpg
+ package simplesigning
+ 
+ import (
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..e2dfeb2
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1,5 @@
+t-skip.patch
+sif-v2.patch
+avoid-openshift.patch
+disable-gpgtest.patch
+avoid-rekor-fulcio.patch
diff --git a/debian/patches/sif-v2.patch b/debian/patches/sif-v2.patch
new file mode 100644
index 0000000..88f19f7
--- /dev/null
+++ b/debian/patches/sif-v2.patch
@@ -0,0 +1,29 @@
+Author: Reinhard Tartler <siretart@tauware.de>
+Description: fix compilation against the packaged version of sylabs/sif
+
+Index: golang-github-containers-image/sif/load.go
+===================================================================
+--- golang-github-containers-image.orig/sif/load.go
++++ golang-github-containers-image/sif/load.go
+@@ -11,7 +11,7 @@ import (
+ 	"strings"
+ 
+ 	"github.com/sirupsen/logrus"
+-	"github.com/sylabs/sif/v2/pkg/sif"
++	"github.com/sylabs/sif/pkg/sif"
+ )
+ 
+ // injectedScriptTargetPath is the path injectedScript should be written to in the created image.
+Index: golang-github-containers-image/sif/src.go
+===================================================================
+--- golang-github-containers-image.orig/sif/src.go
++++ golang-github-containers-image/sif/src.go
+@@ -18,7 +18,7 @@ import (
+ 	imgspecs "github.com/opencontainers/image-spec/specs-go"
+ 	imgspecv1 "github.com/opencontainers/image-spec/specs-go/v1"
+ 	"github.com/sirupsen/logrus"
+-	"github.com/sylabs/sif/v2/pkg/sif"
++	"github.com/sylabs/sif/pkg/sif"
+ )
+ 
+ type sifImageSource struct {
diff --git a/debian/patches/t-skip.patch b/debian/patches/t-skip.patch
new file mode 100644
index 0000000..0c84614
--- /dev/null
+++ b/debian/patches/t-skip.patch
@@ -0,0 +1,145 @@
+Last-Update: 2019-11-11
+Forwarded: not-needed
+Author: Dmitry Smirnov <onlyjob@debian.org>
+Description: disable failing tests
+
+Index: golang-github-containers-image/signature/docker_test.go
+===================================================================
+--- golang-github-containers-image.orig/signature/docker_test.go
++++ golang-github-containers-image/signature/docker_test.go
+@@ -10,6 +10,7 @@ import (
+ )
+ 
+ func TestSignDockerManifest(t *testing.T) {
++t.Skip("DM-skipped")
+ 	mech, err := newGPGSigningMechanismInDirectory(testGPGHomeDirectory)
+ 	require.NoError(t, err)
+ 	defer mech.Close()
+@@ -46,6 +47,7 @@ func TestSignDockerManifest(t *testing.T
+ }
+ 
+ func TestSignDockerManifestWithPassphrase(t *testing.T) {
++t.Skip("DM-skipped")
+ 	err := gpgagent.KillGPGAgent(testGPGHomeDirectory)
+ 	require.NoError(t, err)
+ 
+@@ -97,6 +99,7 @@ func TestSignDockerManifestWithPassphras
+ }
+ 
+ func TestVerifyDockerManifestSignature(t *testing.T) {
++t.Skip("DM-skipped")
+ 	mech, err := newGPGSigningMechanismInDirectory(testGPGHomeDirectory)
+ 	require.NoError(t, err)
+ 	defer mech.Close()
+Index: golang-github-containers-image/signature/mechanism_test.go
+===================================================================
+--- golang-github-containers-image.orig/signature/mechanism_test.go
++++ golang-github-containers-image/signature/mechanism_test.go
+@@ -179,6 +179,7 @@ func TestGPGSigningMechanismClose(t *tes
+ }
+ 
+ func TestGPGSigningMechanismSign(t *testing.T) {
++t.Skip("DM-skipped")
+ 	mech, err := newGPGSigningMechanismInDirectory(testGPGHomeDirectory)
+ 	require.NoError(t, err)
+ 	defer mech.Close()
+Index: golang-github-containers-image/pkg/blobinfocache/default_test.go
+===================================================================
+--- golang-github-containers-image.orig/pkg/blobinfocache/default_test.go
++++ golang-github-containers-image/pkg/blobinfocache/default_test.go
+@@ -98,6 +98,7 @@ func TestBlobInfoCacheDir(t *testing.T)
+ }
+ 
+ func TestDefaultCache(t *testing.T) {
++t.Skip("DM-skipped")
+ 	tmpDir := t.TempDir()
+ 
+ 	// Success
+Index: golang-github-containers-image/directory/explicitfilepath/path_test.go
+===================================================================
+--- golang-github-containers-image.orig/directory/explicitfilepath/path_test.go
++++ golang-github-containers-image/directory/explicitfilepath/path_test.go
+@@ -159,6 +159,9 @@ func runPathResolvingTestCase(t *testing
+ }
+ 
+ func TestResolvePathToFullyExplicit(t *testing.T) {
++	if os.Geteuid() == 0 {
++		t.Skip("Test must not run as root")
++	}
+ 	for _, c := range testCases {
+ 		runPathResolvingTestCase(t, ResolvePathToFullyExplicit, c, "")
+ 		runPathResolvingTestCase(t, ResolvePathToFullyExplicit, c, "/trailing")
+@@ -166,6 +169,9 @@ func TestResolvePathToFullyExplicit(t *t
+ }
+ 
+ func TestResolveExistingPathToFullyExplicit(t *testing.T) {
++	if os.Geteuid() == 0 {
++		t.Skip("Test must not run as root")
++	}
+ 	for _, c := range testCases {
+ 		runPathResolvingTestCase(t, resolveExistingPathToFullyExplicit, c, "")
+ 	}
+Index: golang-github-containers-image/internal/image/docker_schema2_test.go
+===================================================================
+--- golang-github-containers-image.orig/internal/image/docker_schema2_test.go
++++ golang-github-containers-image/internal/image/docker_schema2_test.go
+@@ -444,6 +444,7 @@ func modifiedLayerInfos(t *testing.T, in
+ }
+ 
+ func TestManifestSchema2UpdatedImage(t *testing.T) {
++t.Skip("DM-skipped")
+ 	originalSrc := newSchema2ImageSource(t, "httpd:latest")
+ 	original := manifestSchema2FromFixture(t, originalSrc, "schema2.json", false)
+ 
+@@ -506,6 +507,7 @@ func TestManifestSchema2UpdatedImage(t *
+ }
+ 
+ func TestConvertToManifestOCI(t *testing.T) {
++t.Skip("DM-skipped")
+ 	originalSrc := newSchema2ImageSource(t, "httpd-copy:latest")
+ 	original := manifestSchema2FromFixture(t, originalSrc, "schema2.json", false)
+ 	res, err := original.UpdatedImage(context.Background(), types.ManifestUpdateOptions{
+@@ -564,6 +566,7 @@ func TestConvertToManifestOCI(t *testing
+ }
+ 
+ func TestConvertToManifestOCIAllMediaTypes(t *testing.T) {
++t.Skip("DM-skipped")
+ 	originalSrc := newSchema2ImageSource(t, "httpd-copy:latest")
+ 	original := manifestSchema2FromFixture(t, originalSrc, "schema2-all-media-types.json", false)
+ 	res, err := original.UpdatedImage(context.Background(), types.ManifestUpdateOptions{
+@@ -586,6 +589,7 @@ func TestConvertToOCIWithInvalidMIMEType
+ }
+ 
+ func TestConvertToManifestSchema1(t *testing.T) {
++t.Skip("DM-skipped")
+ 	originalSrc := newSchema2ImageSource(t, "httpd-copy:latest")
+ 	original := manifestSchema2FromFixture(t, originalSrc, "schema2.json", false)
+ 	memoryDest := &memoryImageDest{ref: originalSrc.ref}
+@@ -658,6 +662,7 @@ func TestConvertToManifestSchema1(t *tes
+ }
+ 
+ func TestConvertSchema2ToManifestOCIWithAnnotations(t *testing.T) {
++t.Skip("DM-skipped")
+ 	// Test when converting an image from schema 2 (which doesn't support certain fields like
+ 	// URLs, annotations, etc.) to an OCI image (which supports those fields),
+ 	// that UpdatedImage propagates the features to the converted manifest.
+Index: golang-github-containers-image/internal/image/docker_schema1_test.go
+===================================================================
+--- golang-github-containers-image.orig/internal/image/docker_schema1_test.go
++++ golang-github-containers-image/internal/image/docker_schema1_test.go
+@@ -524,6 +524,7 @@ func TestManifestSchema1ConvertToSchema2
+ }
+ 
+ func TestManifestSchema1ConvertToManifestOCI1(t *testing.T) {
++t.Skip("DM-skipped")
+ 	original := manifestSchema1FromFixture(t, "schema1.json")
+ 	res, err := original.UpdatedImage(context.Background(), types.ManifestUpdateOptions{
+ 		ManifestMIMEType: imgspecv1.MediaTypeImageManifest,
+@@ -644,6 +645,7 @@ func TestManifestSchema1ConvertToManifes
+ }
+ 
+ func TestConvertSchema1ToManifestOCIWithAnnotations(t *testing.T) {
++t.Skip("DM-skipped")
+ 	// Test when converting an image from schema 1 (which doesn't support certain fields like
+ 	// URLs, annotations, etc.) to an OCI image (which supports those fields),
+ 	// that UpdatedImage propagates the features to the converted manifest.
diff --git a/debian/rules b/debian/rules
new file mode 100755
index 0000000..a13fd5a
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,21 @@
+#!/usr/bin/make -f
+
+# disable LTO, cf. https://wiki.debian.org/ToolChain/LTO
+export DEB_BUILD_MAINT_OPTIONS := optimize=-lto
+export DH_GOLANG_EXCLUDES := openshift
+export DH_GOLANG_INSTALL_EXTRA := $(shell find . -type d -name 'fixtures') $(wildcard docs/*.json)
+
+%:
+	dh $@ --buildsystem=golang --with=golang
+
+override_dh_strip_nondeterminism:
+	# this file comes from the testsuite, not a source of non-determinism
+	dh_strip_nondeterminism -XHello.gz
+
+override_dh_auto_install:
+	dh_auto_install --buildsystem=golang
+	make install-docs DESTDIR=$(CURDIR)/debian/golang-github-containers-image
+
+override_dh_auto_test:
+	DH_GOLANG_EXCLUDES="$(DH_GOLANG_EXCLUDES) pkg/docker image/signature" \
+	dh_auto_test -O--buildsystem=golang
diff --git a/debian/source/format b/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/debian/source/lintian-overrides b/debian/source/lintian-overrides
new file mode 100644
index 0000000..dbae892
--- /dev/null
+++ b/debian/source/lintian-overrides
@@ -0,0 +1,4 @@
+# The following (dangling) symbolic links are part of the tests. They
+# point to files that are unlikely to exists and cover error handling in
+# the application.
+golang-github-containers-image source: absolute-symbolic-link-target-in-source
diff --git a/debian/upstream/metadata b/debian/upstream/metadata
new file mode 100644
index 0000000..381ac48
--- /dev/null
+++ b/debian/upstream/metadata
@@ -0,0 +1,5 @@
+---
+Bug-Database: https://github.com/containers/image/issues
+Bug-Submit: https://github.com/containers/image/issues/new
+Repository: https://github.com/containers/image.git
+Repository-Browse: https://github.com/containers/image
diff --git a/debian/watch b/debian/watch
new file mode 100644
index 0000000..9aaca8a
--- /dev/null
+++ b/debian/watch
@@ -0,0 +1,7 @@
+# uscan(1) configuration file.
+version=4
+
+opts="\
+filenamemangle=s%(?:.*?)?v?@ANY_VERSION@(@ARCHIVE_EXT@)%@PACKAGE@-$1$2%" \
+  https://github.com/containers/image/tags \
+  (?:.*?/)?v?@ANY_VERSION@@ARCHIVE_EXT@